Chip cards are standardized objects comprising a board, a chip and an interface to communicate with the outside world.
The card itself bears data that may be static, namely independent of their holder, or dynamic. The data is often printed on the card. It may for example be a card number. Similarly, the chip stores various different types of data.
The communications interface between the card and the outside world is formed by contacts on the surface of the body of the card or an antenna sunk into the said body. The card is called contact, contactless, hybrid or dual interface, depending on the communication means it features.
Chip cards can be made secure with a number of techniques.
Some techniques involve adding a physical security device to the body of the object.
In particular there is a technique whereby the physical security device is a nano barcode capable of generating a secure response, more specifically a magnetic signal, which is included in the card.
There is another special technique in which the security device is connected to another part of the portable object. This technique has been developed by company NOVATEC™ and its security device is called PROOFTAG™. It generates random bubbles. The PROOFTAG™ is verified by querying a database and cross-checking the data stored on the card's magnetic strip against the database, or the bubbles against the data printed on the body.
Emerging security solutions aim to securely match the data items stored in the chip with those concealed on the body of the card or entered via an external peripheral device capable of extracting biometric information from the card holder. One example of this type of innovation, KINEGRAM, is offered by the KURZ group (Keesing's Journal of Documents, issue 7, 2004), which matches secure data on the OVD (Optically Variable Device) with data encrypted in the chip.
However, of all the innovative solutions available, those consisting in inserting hidden data into the printed image (known as digital watermarking) would appear to be the most suitable and the most widespread to secure physical media including a microchip and an image such as a passport photograph because, among other things, they do not require any particular readable elements to be added in and/or the body of the card. These techniques are marketed under the names CRYPTOGLYPHE™, SCRAMBLED INDICIA™, IPI™ or ICI™.
Watermarking is similar to steganography.
Steganography consists in concealing a message to be transmitted confidentially in a set of apparently insignificant data in such a way that its presence cannot be detected. As in the case of cryptography, steganography can be used to exchange messages with a correspondent without others knowing it. But while standard cryptography relies on the fact that the message will in all likelihood not be understood, the security of steganography relies on the fact that the message will in all likelihood not be detected.
Watermarking differs from steganography primarily in its purpose. Rather than exchanging messages with correspondents, watermarking serves to render a medium secure, an image, sound or video in particular, by cleverly inserting a permanent mark in the said medium without visibly altering it in any way (comparable to noise in the language of signal processing).
Digital watermarking is used for digital images. It has become increasingly popular in recent years. This is primarily due to increasing need to protect transfers of images over the Internet. The technique consists in inserting a mark in digital images. The mark is invisible to the naked eye but can be read by a dedicated recognition system. The latter guarantees that the protected image is native.
A mark typically contains several tens of bits of data at the most. It may contain information regarding the permissions attached to the document, or an indication of the document owner's identity. As a result, anyone unlawfully claiming to be its owner can be exposed.
The following conditions are necessary for effective digital watermarking of chip cards bearing an image.
First of all, the mark must be highly resistant to printing and be very easy to read.
In practice, the mark does deteriorate (print weave, analogue/digital conversion), which results in added “noise”, small geometric distortions and a change of scale generated by the acquisition chain. Such distortions impair synchronization of the image (finding markers in the image). Despite such distortions, the mark should be read from an analogue capture of the previously printed passport photo, for instance with a scanner, a digital camcorder, a Webcam camera or a digital camera.
Furthermore, the card and photograph undergo wear and tear, and sustain both “physical” and “calorimetric” damage so to speak, leading to faded colours, dirt or scratches as well as small geometric defects due to frequent and intensive use card bodies undergo. But the mark must be interpretable even if the passport photo has sustained such wear and tear.
Although digital watermarking techniques have proved to be the most promising for applications aimed at ensuring the security of the body of chip cards, state-of-the-art studies reveal that none of these techniques withstand all such damage to the image (‘A print and scan optimized watermarking scheme’, F. Lefèbvre, D. Guéluy, D. Delannay and B. Macq, IEEE Multimedia Signal processing, 2001).
In particular, most current approaches based on digital watermarking remain sensitive to damage resulting from a combination of several different damaging factors (‘Perceptual quality evaluation of geometrically distorted images using relevant geometric transformation modeling’, 1. Setyawan, D. Delannay, B. Macq, R. L. Lagendijk, proceedings of SPIE, Security and Watermarking of Multimedia Contents V, Vol 5020, 2003).
Ultimately, even though so-called 2nd-generation solutions are proposed in the literature to counter such attacks, digital watermarking is not yet a totally reliable solution for the purpose of reading the mark on a damaged image (Watermarking Digital Image and Video Data, G C Langelaar, I. Setyawan, R L Lagendijk, IEEE Signal processing Magazine”, September 2000, volume 17-5, pages 20-46). Even though the attacks sustained by a card are difficult to characterize, there is no doubt that they include known attacks such as “print/scan”, “geometric” and others, the outcome of which is clearly stated to be fragile by the scientific community.
Moreover, after reading the concealed physical security data, access to a database is more often than not necessary, which complicates the storage of the said data, its security and quite simply access to it.